CLOUD-BASED ORCHESTRATION OF INCIDENT RESPONSE USING MULTI-FEED SECURITY EVENT CLASSIFICATIONS WITH MACHINE LEARNING
Abstract
Systems and methods for performing multi-feed classification of security events to facilitate automated incident response (IR) orchestration are provided. According to one embodiment, a cloud-based security service protecting a private network provides a plurality of data feeds, wherein each data feed of the plurality of data feeds independently classifies a given security event and produces a classification result. In response to an event associated with a process of an endpoint device that is part of the private network, an endpoint protection platform running on the endpoint device performs an initial classification of the event and transmits the classification result to the cloud-based security service for final classification to facilitate causing, by the cloud-based security service, the endpoint protection platform to perform an automated incident response, by providing an output of an automated response engine of the cloud-based security service to the endpoint protection platform.